MySpace OpenID Popup spotted in the wild

Chris Messina chris.messina at gmail.com
Fri Mar 20 21:46:44 UTC 2009 

The URL bar does not seem to display in Safari 4.
Otherwise, I agree with most of Allen's feedback.

Chris

On Fri, Mar 20, 2009 at 1:27 PM, Allen Tom <atom at yahoo-inc.com> wrote:

>  Hi Max,
>
> The MySpace OpenID popup is really nice, and the address bar is displaying
> for me on Firefox. The Login with MySpaceID button is probably the most
> attractive CTA that I've seen to date.
>
> At the recent Facebook UX summit, there seemed to be agreement that the
> best size for a popup was 450W by 500H. If OPs all used the same size for
> their popups, the experience would be more consistent.
>
> You may also want to consider having the RP dim the contents the main
> browser window while the popup is active to encourage the user to focus on
> the popup.
>
> Another minor detail is that buttons and other clickable elements usually
> use the hand cursor when the user mouses over them. The buttons and links in
> the popup don't use the hand cursor.
>
> One more thing, although the password submission is sent to
> https://secure.myspace.com, the popup URL isn't https. It's also not "
> www.myspace.com" which seems to conflict with the instructions on your
> home page.
>
> Overall, awesome stuff!
> Allen
>
>
> max engel wrote:
>
> The bar shouldn't be supressed, and it didn't happen in any of our testing.
> See if it happens in firefox. I definitely planned it so the url should be
> visible, and will fix any bugs.
>
> With regards to the credentials temporarily refreshing before successful
> login, this is a known deficiency we are addressing, and is because the
> login controller is being served inside the popup in an iframe due to
> MySpace security development policies.
>
> I'll review the disclaimer language, but we wanted to keep it simple and
> lightweight, and our testing confirmed this. We do have different language
> for vanilla openid v. Pop-up.
>
> Definitely pass along to me any additional feedback.
>
> - Max
>
> ...sent from the road
> ------------------------------
> *From*: user-experience-bounces at openid.net
> *To*: OpenID user experience
> *Cc*: Max Engel
> *Sent*: Fri Mar 20 14:21:32 2009
> *Subject*: Re: MySpace OpenID Popup spotted in the wild
>  Yeah, that was my number one concern. Hiding the URL bar is really the
> WRONG way to do it (something the spec MUST address, though I doubt in that
> context we can use the word MUST...).
>  To see this in action, visit the test site:
>
>  http://8bitmusic.jdavid.net/
>
>  The experience with the site is extremely weird: I signed in properly
> using the popup and the login page refreshed instead of providing me some
> kind of "success" message. I thought I'd entered the wrong credentials and
> hit cancel, but then the parent window refreshed and showed my profile, with
> a bunch of my data prepopulated (without asking me for explicit access
> permission):
>
>  http://www.flickr.com/photos/factoryjoe/3370317843/
>
>  Clearly this leaves something to be desired, but now we at least have an
> alternative to Facebook Connect that we can look at!
>
>  Chris
>
> On Fri, Mar 20, 2009 at 11:28 AM, Allen Tom <atom at yahoo-inc.com> wrote:
>
>> http://www.flickr.com/photos/factoryjoe/3369029303/
>>
>> Looks really nice! My main feedback is that the browser's address bar
>> needs to be displayed so that users can tell if they're logging into myspace
>> or not.
>>
>> The instructions on MySpace's home page says that you shouldn't login to
>> this popup. :)
>>
>> Always make sure you're visiting the real myspace.com!
>>
>>    1. Check the URL in your browser.
>>    2. Make sure it begins with http://www.myspace.com/
>>    3. If ANY OTHER PAGE asks for your info, DON'T LOG IN!
>>
>>
>>
>>
>> _______________________________________________
>> user-experience mailing list
>> user-experience at openid.net
>> http://openid.net/mailman/listinfo/user-experience
>>
>>
>
>
> --
> Chris Messina
> Citizen-Participant &
>  Open Web Advocate
>
> factoryjoe.com // diso-project.org // vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private
>
> ------------------------------
>
> _______________________________________________
> user-experience mailing listuser-experience at openid.nethttp://openid.net/mailman/listinfo/user-experience
>
>
>
> _______________________________________________
> user-experience mailing list
> user-experience at openid.net
> http://openid.net/mailman/listinfo/user-experience
>
>


-- 
Chris Messina
Citizen-Participant &
 Open Web Advocate

factoryjoe.com // diso-project.org // vidoop.com
This email is:   [ ] bloggable    [X] ask first   [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-user-experience/attachments/20090320/7fbecf67/attachment-0002.htm>

More information about the user-experience mailing list